After the Colonial Pipeline ransomware attack shut down the entire pipeline system for over a week, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) issued a directive requiring all pipeline companies to take immediate actions to mitigate cyber risks. The first cybersecurity directive was issued on May 27 and the follow-up directive was ... READ MORE
Mass Mailing Attack from NOBELIUM
On May 25, 2021, the campaign escalated as NOBELIUM, the same group behind the 2020 SolarWinds attacks, leveraged the legitimate mass-mailing service, Constant Contact, to masquerade as a US-based development organization and distribute malicious URLs to a wide variety of organizations and industry verticals. Using the legitimate mass mailing service Constant Contact, NOBELIUM ... READ MORE
Colonial Pipeline Ransomware
Ransomware attacks are no longer simply a malware infection. Today’s ransomware threat actor groups are comprised of skilled hackers who are well-versed in infiltrating their victims’ networks. Once inside the target network, these attackers perform reconnaissance to identify critical accounts, systems and even sensitive data stored within the network. Since the mid-2010s, we ... READ MORE
Building a Vulnerable Box: RemoteMouse
At the start of every year, I review my lab repository of intentionally vulnerable machines and do my best to add new ones to the list. I recently came across a particularly interesting flaw, from a teaching perspective, and thought it would be worth capturing. RemoteMouse is Windows/Linux/Mac compatible software that can be used in conjunction with a mobile app to turn your ... READ MORE
Mobile Apps – Testing WebView
Mobile application testing has progressed significantly over the past few years. Whereas the early days of mobile security were more or less a wild west, efforts such as the Mobile Top 10 and testing guide from OWASP and courses like SANS 575 have helped to standardize both methodologies and expectations for testing. Tools like MobSF and expanded support in Metasploit and ... READ MORE
2020 Attack Vectors Report – Internal Pentesting
Our team has collected two years worth of internal penetration testing data to put together a white paper covering our most frequent footholds that lead to full network compromises. The data clearly shows that passwords and patching continue to be a significant problem. Nearly half of all compromises achieved by RSM's testing team between 2018 and 2020 were a direct result ... READ MORE
Building a Vulnerable Box – HTML5 VPN Portal
Years ago, I wrote a series of posts covering the basics of building and exploiting vulnerable machines for learning purposes. With my two most recent posts covering virtual labs, it seems like an appropriate time to revisit the topic. I've used the misconfiguration I'm going to cover in this article on several Capture the Flag events and mock pentests over the years. It ... READ MORE
Building a Lab Network – Faux Corporate Networks
Last month, I mentioned the possibility of setting up a second virtual firewall in a lab environment to simulate a corporate network with mock internal and external spaces. I frequently do this for CTFs, student pentesting projects, and more. Offensive security training is rapidly moving towards realistic environments. Organizations like HackTheBox which historically have ... READ MORE
Building a Lab Network in Proxmox and Sophos UTM9
One of the best ways to acquire and maintain an offensive security skill set is to build a home lab and populate it with intentionally vulnerable machines. The most straightforward option is to simply spin up VMs in VirtualBox or VMWare Player and manage everything locally. To take things to the next level, however, you really need a hypervisor like ESXi or Proxmox. Nowadays, ... READ MORE
Capture the Flag 2017 – Example Challenges
Early next year, RSM will host its fourth annual Capture the Flag event. We wanted to give our potential participants some background information and examples of the types of problems they will encounter. Coding: https://warroom.rsmus.com/ctf-example-coding/ Cryptography: https://warroom.rsmus.com/ctf-example-cryptography-2/ Forensics: ... READ MORE